This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version). You can find any opt-outs on this page.
Home | → Join This Group | Subscribe to the Mailing ← | List | Archive (Mailman) | Archive | Google Archive
The purpose of the UMA Work Group (charter) is to develop specs that let an individual control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate interoperable implementations of the specs.
We welcome your participation! Follow the links to join this group (read-write mailing list privileges) or subscribe to the mailing list (read-only).
Check out our working drafts (Protocol spec, Requirements, Scenarios and Use Cases), explanatory materials, background information, and comparative technology matrix. Following are the key entities and actions we concern ourselves with:
(Google) | Calendar
|title||UMA extension efforts|
We are undertaking some important new work on an UMA "relationship manager" extension to fully enable a resource owner dashboard experience, and more. You can check it out by reading our Meetings and Minutes. To understand more about our work on business-legal considerations, including identity relationship management (IRM)-based delegation use cases, see our Legal hub page. If you're interested to contribute to any of this, be sure to click our Join link above! ⬆︎
Here are the UMA Grant (PDF, HTML for deep linking) and UMA Federated Authorization Recommendations (PDF, HTML for deep linking). Don't miss the UMA2 masterclass delivered by two UMAnitarians at the Identiverse conference in Boston in June 2018 (slides and video). (The slides and video from the previous year's Authorization: Age of UMA session set in the Marvel Cinematic Universe was also a big hit!) The Release Notes review all final UMA1-to-UMA2 changes. See also the UMA Implementer's Guide, our list of known Implementations, and discussions of Case Studies. Finally, see the detailed UMA Grant sequence diagram and FedAuthz sequence diagram.
User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live. Read the specs, join the group, check out the implementations, follow us on Twitter, get involved!
The group is currently working on extensions to UMA V2.0.
The short link for this page is http://tinyurl.com/umawg.
- 6 Sep '21: Congratulations to UMA WG members from Origo on their role in the UK Pensions Dashboard Programme! See this page in the Kantara wiki for more information on using UMA for PDP purposes.
- 10 Jun '21: Congratulations to the new leadership team members! Alec Laws (of Identos) is the Chair and Steve Venema (of ForgeRock) is the Vice-Chair. The WG extends its thanks to former Chair Eve Maler for her previous service as chair. Information about the entire leadership team is here.
- 20 Apr '21: You can get the latest and greatest UMA 101 presentation delivered by UMAnitarians Eve and George at IIW here.
- 3 Dec '20: The UMA Work Group is pleased to accept a new profile contribution (to be provided immently) related to UK Pensions Dashboards as shown on-screen at its meeting today. Read all about it on our updated Third-Party Profiles and Extensions page.
- 15 Oct '20: We are undertaking some important new work on an UMA "policy manager" extension, and more. You can check it out by reading our Meetings and Minutes, and if you're interested to contribute, be sure to click our Join link above! ⬆︎
- 1 Oct '20: WG chair Eve Maler presented UMA, including analyses and comparisons to some other technologies, to the Decentralized Identity Foundation Secure Data Storage WG. Here are her slides.